[plug] viruses.?

Craig Ringer craig at postnewspapers.com.au
Fri Jan 14 14:10:53 WST 2005


On Fri, 2005-01-14 at 13:38 +0800, James Elliott wrote:
> One of the advantages of Linux is that Windows viruses cannot get into our 
> systems.

The most common malware, worms that target MS Windows, can't attack
Linux but can still get on a Linux system if the worm's file(s) are
copied there, say with a backup. Similarly, Windows worms and viruses
can spread from Windows machine to Windows machine via files stored on a
Linux file server.

Other worms can and do affect Linux, but they're pretty uncommon and the
only ones I'm aware of out there right now exploit what are now very old
flaws in server software.

There's also no guarantee that Linux will always be as safe as it is.
While people love to counter this with "but the virus can't affect the
OS, only the user account" they're quite right ... but your data is
still just as gone, and it can still use a local root exploit, attack
other systems over the 'net, rewrite your .xsession / .bashrc, etc.

> Someone just told me that she is immune to viruses too, because she has a 
> Mac

Macs are in a similar situation to Linux re viruses currently. Not
inherently immune, but much harder to attack, somewhat less interesting
if exploited, and with a lower (and more varied) installed base to
exploit. Like Linux, Windows viruses won't do a Mac much harm.

> but is this true if she is running Windows?

Absolutely not. Total paranoia and/or a virus scanner is required. As
with any operating system, regularly installing the security updates is
also critical. A firewall is extremely strongly recommended.

> I thought the virus would infect the file system regardless of the
> underlying hardware architecture, or am I wrong in that regard?

Well, regarding the PowerPC vs ia32 difference, the files can still be
stored on a PPC system, but they're executables for a different
processor - they can't run even if you want them to. If you're dumb
enough to use an x86 emulator to run a virus, you'll still need to have
programs that understand the binary format and can load it, provide the
OS APIs it expects, etc. The only thing like that I'm aware of for
MacOS/PPC is Virtual PC.

x86 Linux is safe from Windows viruses because the OS's APIs and binary
formats are so different that Linux can't execute Windows programs and
vice versa. Note that if you run a Windows virus / worm using WINE,
it /may/ be able to affect your system or attack other systems over the
'net.

Also, don't get too complacent. It's possible that some day viruses or
worms that affect firefox, evolution, kmail, etc may appear, either
using tried and true social engineering, or exploits in the software.

-- 
Craig Ringer




More information about the plug mailing list